The present invention relates to a storage apparatus, an access control apparatus for a recording medium and an access control method for a recording medium, in which there is provided a function of preventing any unauthorized access to a recording medium by a third party by the use of a password or the like. More particularly, the present invention relates to a technology in which effective access control can be performed on the recording medium so as to maintain the security even if an authorized user forgets the password or the like.
In recent years, storage apparatuses including various types of recording media are being developed. In particular, with the spread of personal computers, the storage apparatuses generally use removable media, such as magneto-optical disks, floppy disks, and optical disks as the recording media. Although the recording media of this type have the advantage of easy handling because of their small size and light weight, they have also the disadvantages that they can easily be taken away by a third party and the data can easily be stolen or altered.
Therefore, passwords or the like have been conventionally used to prevent stealing and alteration of the data.
In a conventional storage apparatus, in order to improve the security by preventing unauthorized access (reading/writing and deletion) by a third party, a password is set in advance in a recording medium and an internal memory of the device. When a user inputs a password (the user may be an authorized person or a third party), it is compared with the already recorded password, and access to the recording medium is permitted only when the two passwords match. The storage apparatus mentioned here is described in detail in Japanese Patent Application Laid-Open Nos. SHO 57-150117, SHO 60-189531, SHO 63-175955, and HEI 01-309120.
Moreover, in a storage apparatus in which a removable medium such as a magneto-optical disk or a floppy disk is used as a recording medium, the recording medium is initialized before use. This initialization causes erasure of the password and of course the secret code number and the data recorded in the recording medium. In the storage apparatus of this kind, the password is used for the purpose of prevention of unauthorized access without imposing any limitation of initialization. Therefore, if the user forgets the password, he/she user must set a new password after the initialization of the recording medium. If the initialization of the recording medium can not be carried out because the user has forgotten the password, the treatment of the complete prohibition of the initialization of recording medium etc. is taken.
The description has been given above of the example of the access control and initialization control on the recording medium by using the password in the conventional storage apparatus. However, in the conventional storage apparatus, an inconvenient situation occurs for the authorized user as explained below. That is, when a password is used for the purpose of the access control in such a manner that only the authorized user can access the recording medium, and if the authorized user forgets the password, he/she cannot virtually access the recording medium.
Consequently, in such a case anybody can initialize the recording medium because a password is not required for initialization and then set a new password. However, the recording medium can be disadvantageously initialized by a third party other than the authorized user because a password is not required for initialization. In view of this, in the conventional recording medium, there have been no measures except resetting a new password after the initialization in the case where the user forgets the password for the access control. Therefore, there have arisen problems that the convenience for the authorized user is deteriorated, and further, that the security is degraded since a third party can initialize the recording medium.
The present invention has been made in light of the problems described above. It is an object of the present invention to provide a storage apparatus, an access control apparatus for a recording medium and an access control method for a recording medium in which effective access control can be performed on the recording medium all the time by an authorized user and the security can be maintained.
According to one aspect of this invention, in a storage apparatus, an access control unit normally performs the access control on the basis of a first control information and a second control information recorded respectively in a first recording region and a second recording region of the recording medium. The first control information and the second control information is the information which is used to prevent an illegal access by a third party. When the recording medium is required to be initialized, the first recording region can be initialized using an initializing unit but the second recording region cannot be initialized. Thus, the first control information can be erased but the second control information can not be erased and always remains, so that the access control can be performed even in the case of the initialization on the basis of the second control information. Passwords or flags (data), for example, may be used as the first control information and the second control information.
As explained above, the first control information and the second control information are set in the first recording region and the second recording region respectively, and the second recording region cannot be initialized at the time of initialization. Thus, the effective access control can be performed thereafter on the basis of the second control information, and further, the security can be maintained.
Further, the initialization unit controls the initialization of the first recording region on the basis of initialization control information such as a password recorded in the second recording region. Since the second recording region cannot be initialized, the initialization control information cannot be erased. Since the initialization control information is set in the second recording region which cannot be initialized, it is unnecessary to reset the initialization control information at the time of next initialization.
Further, since the access control is performed on the basis of any one of the first control information and the second control information, it is possible to perform the effective access control thereafter on the basis of the remaining second control information. Further, it is possible to maintain the security even when the first control information is erased by the initialization.
Further, since the access control is performed on the basis of both of the first control information and the second control information, it is possible to enhance the security. Further, it is possible to prevent any unauthorized access by a third party on the basis of the remaining second control information even in the case of the initialization.
According to another aspect of this invention, in an access control method for a recording medium having a first recording region and a second recording region, first control information and second control information are set in the first recording region and the second recording region of the recording medium respectively, and the second recording region cannot be initialized at the time of initialization. Thus, the effective access control can be performed thereafter on the basis of the second control information, and further, the security can be maintained.
Other objects and features of this invention will become apparent from the following description with reference to the accompanying drawings.